/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package helpdesk;

import java.io.IOException;
// import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
// import javax.servlet.http.HttpSession;
import javax.servlet.RequestDispatcher;

import java.sql.SQLException;

/**
 * Log a user in if they haven't been. If they have, redirect them to the
 * profile page. Sets up a monitor to detect if a user logs out.
 *
 * Parameters:
 * 1) email - usesr's email address
 * 2) password - user's password
 *
 * Attributes for JSP page:
 * 1) email - used so that email address is not lost on an incorrect password
 * 2) error - error messages
 *
 * Session variables:
 * 1) user - set on successful login
 * 2) userLoginMonitor - set on successful login
 *
 * @author brian
 */
public class LoginServlet extends HttpServlet {
   
    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {

        String email = request.getParameter("email");
        String password = request.getParameter("password");

        String error = null;

        HttpSession session = request.getSession();

        RequestDispatcher rd;
        try
        {
            if (session.getAttribute("user") != null)
            {
                response.sendRedirect("profile.jsp");
            }
            else if (email == null || password == null)
            {
                rd = request.getRequestDispatcher("/WEB-INF/login.jsp");
                rd.forward(request, response);
            }
            else
            {
                try
                {
                    User user = User.getUserByEmail(email);
                    request.setAttribute("email", email);
                    if (user == null || !user.matchPassword(password))
                    {
                        request.setAttribute("error", "Invalid username/password");
                        rd = request.getRequestDispatcher("/WEB-INF/login.jsp");
                        rd.forward(request, response);
                    }
                    else
                    {
                        if (user.getActive())
                        {
                            session.setAttribute("user", user);
                            // set up a monitor to check if the user logs out for our login status
                            // procedure
                            session.setAttribute("userLoginMonitor", LoginCheck.getListener(user.getId()));
                            response.sendRedirect("profile.jsp");
                        }
                        else
                        {
                            session.setAttribute("error", "Account not active");
                            rd = request.getRequestDispatcher("/WEB-INF/login.jsp");
                            rd.forward(request, response);
                        }
                    }
                }
                catch (SQLException ex)
                {
                    request.setAttribute("error", "Database error: " + ex.getMessage());
                    rd = request.getRequestDispatcher("/WEB-INF/login.jsp");
                    rd.forward(request, response);
                }
            }
        } finally { 
        }
    } 

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        processRequest(request, response);
    } 

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

}
